<?php
/**
 *@filename:				PublicAction.class.php
 *@desc:					后台管理系统 公共模块
 * 
 *@author:					houyining
 *@copyright:				hou.yining@gmail.com
 *@date:					2011-03-29 
 */
class PublicAction extends Action
{
	// 检查用户是否登录
	protected function checkUser() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->assign('jumpUrl','Public/login');
			$this->error(L('have_not_login'));
		}
	}
	
	//如果通过认证跳转到首页
	public function index()
	{
		//如果通过认证跳转到首页
		redirect(__APP__);
	}
	//如果未登录，跳转到登录页面
	public function login()
	{
		if(!isset($_SESSION[C('USER_AUTH_KEY')]))
		{
			$this->assign('title', L('login_title'));
			$this->display();
		}
		else
		{
			$this->redirect('Index/index');
		}
	}
	
	//生成验证码
	public function verify()
	{
		$type = isset($_GET['type']) ? $_GET['type'] : 'gif';
		Image::buildImageVerify(4,2,$type);
	}
	
	//检测用户登陆
	public function checkLogin() {
		if(empty($_POST['account'])) {
			$this->error(L('account_empty'));
		}elseif (empty($_POST['password'])){
			$this->error(L('password_empty'));
		}elseif (C('ADMIN_VERIFY') && empty($_POST['verify'])){
			$this->error(L('verify_empty'));
		}
        //生成认证条件
        $map            =   array();
		// 支持使用绑定帐号登录
		$map['account']	= $_POST['account'];
        $map["status"]	=	array('gt',0);
		if(C('ADMIN_VERIFY') && $_SESSION['verify'] != md5($_POST['verify'])) {
			$this->error(L('verify_error'));
		}
		import ( '@.ORG.RBAC' );
        $authInfo = RBAC::authenticate($map);
        //使用用户名、密码和状态的方式进行认证
        if(false === $authInfo || null == $authInfo) {
            $this->error(L('account_error'));
        }else {
            if($authInfo['password'] != md5($_POST['password'])) {
            	$this->error(L('password_error'));
            }
            $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['id'];
            $_SESSION['email']	=	$authInfo['email'];
            $_SESSION['loginUserName']		=	$authInfo['account'];
            $_SESSION['lastLoginTime']		=	$authInfo['last_login'];
            if($authInfo['account']=='admin') {
            	$_SESSION[C('ADMIN_AUTH_KEY')]		=	true;
            }
            //保存登录信息
			$AdminUser	= M('AdminUser');
			
			$ip		=	get_client_ip();
			$time	=	time();
            $data = array();
			$data['id']	=	$authInfo['id'];
			$data['last_login']	=	$time;
			$data['last_ip']	=	$ip;

			$AdminUser->save($data);
			
			// 缓存访问权限
            RBAC::saveAccessList();
			$this->success(L('login_success'));
		}
	}
	
	// 用户登出
    public function logout(){
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			unset($_SESSION[C('USER_AUTH_KEY')]);
			unset($_SESSION);
			session_destroy();
            $this->redirect('Index/index');
        }else {
            $this->error(L('have_logout'));
        }
    }
	
	//后台管理页面各个部分
	public function top(){
		C('SHOW_RUN_TIME',false);	
		C('SHOW_PAGE_TRACE',false);
		$this->assign('title', L('login_title'));
		$this->display();
	}
	
	public function footer(){
		C('SHOW_RUN_TIME',false);			
		C('SHOW_PAGE_TRACE',false);
		$this->display();
	}
	
	public function menu(){
		$this->checkUser();
		
		C('SHOW_RUN_TIME',false);			
		C('SHOW_PAGE_TRACE',false);
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
            //显示菜单项
            $menu  = array();
            if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {

                //如果已经缓存，直接读取缓存
                $menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
            }else {
                //读取数据库模块列表生成菜单项
                $node    =   M("Node");
				$id	=	$node->getField("id");
				$where['level']=2;
				$where['status']=1;
				$where['pid']=$id;
                $list	=	$node->where($where)->field('id,name,group_id,title')->order('sort asc')->select();
                $accessList = $_SESSION['_ACCESS_LIST'];
                foreach($list as $key=>$module) {
                     if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) || $_SESSION['administrator']) {
                        //设置模块访问权限
                        $module['access'] =   1;
                        $menu[$key]  = $module;
                    }
                }
                //缓存菜单访问
                $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;
            }
            if(!empty($_GET['tag'])){
                $this->assign('menuTag',$_GET['tag']);
            }
			//dump($menu);
            $this->assign('menu',$menu);
		}
		$this->display();	
	}
	
	public function main(){		
	  	$info = $this->_getSystemInfo();

        $crumb_info = array(
			array('uri' => '__APP__', 'title' => L('login_title'), 'sort' => C('CRUMB_FIRST')),
			array('uri' => '__URL__/main', 'title' => L('system_info'), 'sort' => C('CRUMB_LAST')),
		);
		$this->assign('crumb_info', $crumb_info);
        $this->assign('info',$info);
		$this->display();
	}
	
	public function drag(){		
		C('SHOW_RUN_TIME',false);			
		C('SHOW_PAGE_TRACE',false);
		$this->display();
	}
	//修改个人信息
	public function profile(){
		$this->checkUser();
		$User	 =	 M("AdminUser");
		$vo	=	$User->find($_SESSION[C('USER_AUTH_KEY')]);
		$this->assign('vo',$vo);
		$this->display();
	}

	private function _getSystemInfo()
	{
		return array(
			'操作系统'=>PHP_OS,
            '运行环境'=>$_SERVER["SERVER_SOFTWARE"],
            'PHP运行方式'=>php_sapi_name(),
            '上传附件限制'=>ini_get('upload_max_filesize'),
            '执行时间限制'=>ini_get('max_execution_time').'秒',
            '服务器时间'=>date("Y年n月j日 H:i:s"),
            '北京时间'=>gmdate("Y年n月j日 H:i:s",time()+8*3600),
            '服务器域名/IP'=>$_SERVER['SERVER_NAME'].' [ '.gethostbyname($_SERVER['SERVER_NAME']).' ]',
            '剩余空间'=>round((@disk_free_space(".")/(1024*1024)),2).'M',
            'register_globals'=>get_cfg_var("register_globals")=="1" ? "ON" : "OFF",
            'magic_quotes_gpc'=>(1===get_magic_quotes_gpc())?'YES':'NO',
            'magic_quotes_runtime'=>(1===get_magic_quotes_runtime())?'YES':'NO',
		);
	}
}
?>